Method, device and system for generating passwords

ABSTRACT

A method and a device for generating a password for access to a service. The method includes the following steps on a password generating device connected to a user terminal: obtaining a first item of data representative of at least one symbol; depending on the obtained first item of data, obtaining at least one second item of data having at least two symbols for a symbol of the first item of data; generating a third item of data, referred to as the password, from the at least one second item of data; and transmitting the password to the terminal.

FIELD OF THE INVENTION

The invention relates to the field of communications security.

The invention is applicable to any terminal handling secure passwords for protecting the access to a hardware or software resource.

PRIOR ART

In a known manner, a password is an authenticator allowing a user to access a certain number of hardware and/or software resources of a computer, of a server, of an assembly of network-connected computers, etc.

Several strategies may be used for generating passwords exhibiting a certain level of robustness, and hence offering a higher or lower level of security.

Most of these strategies are poorly adapted to a human user, because it is difficult to generate a password that is readily memorized and which nevertheless has a certain level of security, in other words that guarantees the robustness of the password used, i.e. greatly reduces its vulnerability to attacks by hackers aimed at stealing it. Indeed, the robustness of a password depends on its length (the number of words, or symbols, from a given dictionary) and on the total number of words used from the dictionary. The security increases with the number of symbols composing the password and the wealth of the chosen dictionary. However, it is not easy for a human user to memorize a long series of symbols, whether they be letters, numbers, special characters, etc.

Moreover, since the attacks are becoming more sophisticated over time, the passwords must be even longer in order to resist them. The user very often balks at the use of such long and complex passwords, difficult to memorize, manipulate and potentially share if it is the password for accessing a shared service, such as for example a Web service, access to a bank account, etc. In many cases, he/she is happy to use a very simple password that is very easy to memorize (“1234”, “Garry”, etc.) but also to hack.

Today, solutions exist for rendering such a password secure. Notably, there exist cryptographic authentication systems, for which the simple connection of a smartcard allows the terminal of the user to be authenticated. However, in the case of loss of the card, anybody can authenticate themselves in place of the user.

In order to solve this problem, this type of card may be associated with a security code. However, this code is unique and does not therefore allow authentication for various applications and/or services requiring different passwords.

There also exist systems of password safes, such as for example the YubiKey© authentication device, manufactured and marketed by the Yubico company, allowing users to authenticate themselves in a secure manner with their accounts by generating a single-use password or by storing static passwords for the sites that do not support single-use passwords. Such a device however requires the installation of a software or hardware component on the PC (of the plug-in type), and also on the remote server hosting the service. Moreover, the data are stored locally on the PC.

There accordingly exists a need to offer the user the possibility of using very simple passwords while at the same time ensuring a high security for them on various sites, irrespective of the terminal that they are using.

DESCRIPTION OF THE INVENTION

The invention provides an improvement on the prior art.

For this purpose, it provides a method for generating a password for accessing a service, said method comprising the following steps on a password generating device connected to a terminal of a user:

-   obtain a first datum representative of at least one symbol;
-   as a function of the first datum obtained, obtain at least one second datum comprising at least two symbols for one symbol of the first datum;
-   generation of a third datum, called password, from said at least one second datum;
-   transmission of said password to the terminal.

The term “symbol” is understood to mean any given symbol belonging to a dictionary, for example a character. Here, dictionary is understood to mean any given source of symbols (alphabet, syllables, letters, numbers, series of numbers and letters, special characters, etc.). For example, as source of the first datum, a dictionary composed of the 9 digits from 0 to 9 is used and, as source of the second datum, a dictionary composed of all the letters and combinations of letters of the Latin alphabet is used. The password is composed, in this case, of words (series of letters) extracted for example randomly from this dictionary.

Of course, many variants may be envisioned without straying from the scope of the invention: use of numbers, special characters, etc.

Advantageously, according to the invention, when the user enters at least one symbol, for example a character corresponding to a number between 0 and 9, into a human-machine interface of the device, another chain of symbols, for example of alphanumeric characters (such as 7b2a385c), is generated by the device and concatenated to the password. Since this chain of symbols is longer and more complex than the simple character entered, the password which results from this is more robust. Indeed, it is not easy for a human user to memorize a long series of symbols, whether this be combinations of letters, of numbers, etc. On the other hand, it is very simple for them to memorize the first datum (for example 1234) as a series of digits to be input on the keyboard of the device, or to be pronounced to a vocal interface, etc. For each digit input by the user and obtained by the generation program, a longer chain of characters is generated and potentially concatenated to the existing chain. Thus, a long and complex password is generated from a simple code such as a series of digits. It will be noted that the password may just as easily be generated on the fly, in other words each symbol input on the device leads to the generation of a part of the password, or be generated after all the symbols of the first datum have been input into the terminal.

According to one particular embodiment of the invention, in the method such as described hereinabove, the transmission step is preceded by a step for verifying the first datum obtained.

Advantageously, according to this embodiment, the first datum, composed of one or more symbols input into an interface of the device, is verified before being transmitted to the terminal.

The verification may apply to various elements: number of first symbols entered, for example if the method is expecting a code of the PIN type composed of 4 digits, certain first data may be excluded from the validation (for example “587” is too short, a code “0000” or “1234” may be forbidden since too easy to guess, etc.).

According to one particular embodiment of the invention, in the method such as described hereinabove, the transmission step is preceded by a step for verifying the password generated.

Advantageously, according to this embodiment, the final password is verified before being transmitted to the terminal. The verification may be applied to various elements: number of symbols generated, length of the password generated, complexity of the password generated, etc. A standard verification method may notably be envisioned, such as the presence of an upper case and/or lower case letter, number, special character, etc. in the password, or the compliance with a minimum length. According to another example, the level of security of the password, or the compliance with the minimum entropy threshold, may be verified each time a new acquisition of a symbol/character adds an additional chain to the password. An entropy is defined most generally, in the field of information and communications, as a mathematical function which corresponds to the quantity of information contained or delivered in a message (the password in this particular case) by an information source, in this context a dictionary of characters. From the point of view of a receiver, the more the source generates different symbols with an equal probability, the higher the entropy. It may thus be indicated to the user, as soon as the level of entropy, and hence of robustness, of the password is judged to be sufficient, that they may stop inputting characters on the keyboard of the device.

According to one particular embodiment of the invention, in the method such as described hereinabove, an unlocking step precedes the acquisition of the first symbol of the first datum.

Advantageously, according to this embodiment, an additional security is associated with the generation of the password. The unlocking step indeed allows it to be ensured that the user of the generation device really is the one expected (e.g. its owner). It may be carried out following the acquisition of a biometric datum of the user (fingerprint, eye scan, predefined movement, vocal sequence, etc.).

According to one particular embodiment of the invention, the method such as described hereinabove furthermore comprises a step for initializing the device, comprising a sub-step for recording a series of at least two symbols of the second datum in association with at least one symbol of the first datum.

Advantageously, according to this embodiment, the device is pre-configured for automatically generating passwords. For example, if the device disposes of a keyboard with keys numbered from 0 to 9, a series of alphanumeric symbols may be associated with each of these numbers, stored in the memory of the device. Subsequently, when the user presses a key of the device, the corresponding series of symbols is extracted from the memory and automatically concatenated to the password being prepared.

In a correlated manner, the invention also provides a device for generating a password, comprising at least a transmission module, a memory and a processor configured for:

-   obtaining a first datum representative of at least one symbol;
-   as a function of the datum obtained, obtaining a second datum comprising at least two symbols for one symbol of the first datum;
-   generating a third datum, called password, from said at least one second datum;
-   transmitting said password via the transmission module.

The invention also relates to such a device furthermore comprising a human-machine interface for the acquisition of said at least one first datum.

The invention also relates to such a device in which the human-machine interface is a keyboard.

The invention also relates to such a device in which the transmission module is an interface of the serial type.

The invention also relates to such a device in which the transmission module is an interface of the radio type.

The invention also relates to a system comprising:

-   a device for generating a password such as previously defined,
-   a terminal connected to the password generating device via its transmission module, configured in such a manner as to transmit the password generated by the device to the terminal when the password is valid.

The invention also relates to a computer program comprising instructions for the implementation of the method hereinabove according to any one of the particular embodiments previously described, when said program is executed by a processor. The method may be implemented in various ways, notably in wired form or in software form. This program may use any given programming language, and may take the form of source code, object code, or of code intermediate between source code and object code, such as in a partially compiled form, or in any other desired form.

The invention is also aimed at a recording medium or information medium readable by a computer and comprising instructions of a computer program such as mentioned hereinabove. The aforementioned recording media may be any given entity or device capable of storing the program. For example, the medium may comprise a storage means, such as a ROM, for example a CD-ROM or a microelectronic circuit ROM, or else a magnetic recording means, for example a hard disk. Furthermore, the recording media may correspond to a transmissible medium such as an electrical or optical signal, which may be carried via an electrical or optical cable, by radio or by other means. The programs according to the invention may in particular be uploaded onto a network of the Internet type.

Alternatively, the recording media may correspond to an integrated circuit into which the program is incorporated, the circuit being designed to execute or to be used in the execution of the method in question.

This device and this computer program have features and advantages analogous to those previously described in relation with the method for generating a password.

LIST OF THE FIGURES

Other features and advantages of the invention will become more clearly apparent upon reading the following description of particular embodiments, presented by way of simple illustrative and non-limiting examples, and from the appended drawings, amongst which:

FIG. 1 illustrates one example of implementation environment of the invention according to one particular embodiment;

FIG. 2 illustrates an architecture of a password generating device according to one embodiment of the invention;

FIG. 3 illustrates steps of the method for generating passwords according to one embodiment of the invention.

DESCRIPTION OF ONE EMBODIMENT OF THE INVENTION

General Principle of the Invention

The general principle of the invention consists in connecting to a terminal (computer/tablet/smartphone/gateway) for accessing a service (Web service, payment service, etc.) a very simple device recognized as an access peripheral, for example of the keyboard type.

This very simple device comprises a limited number of keys (e.g. from 0 to 9). The user may associate a random number of symbols or characters with each key. Each time a key is pressed it generates a series of numbers and/or letters and/or symbols of any given alphabet to be transmitted to the terminal to which it is connected.

It is thus possible to generate a password that is very difficult to hack with a minimum number of digits or letters to be memorized by the user.

Particular Embodiments of the Invention

FIG. 1 shows the context of one embodiment of the invention according to which a user (A) has to enter a password for authentication to a remote site S via a terminal B, for example a payment site, or a ‘hotspot’, etc. According to this example, the password is intended for an application being run on a WEB server to which the terminal B is connected via an Internet network. Of course, other scenarios may be envisioned: the network may be of any nature (radiomobile, internet, cellular, etc.); the service targeted may be localized on the terminal itself, for example if this is a server, a payment terminal, a home network gateway, etc.

The user disposes of a device (C) connected to the terminal via a communications link (L). The connection may be of any given type, wired or wireless. According to one embodiment, it is of the USB (Universal Serial Bus) type for a serial connection with the terminal B, which disposes of an interface of the same type as the device (USB).

The device C is, according to this example, a very simple device recognized as a USB keyboard, which allows numerical data of the digit type to be input and for it to be converted, by association of each digit with a series of longer symbols, into a complex password and for it to be transmitted to the terminal B. For example, the user inputs into this device, by means of his/her keyboard, a code of the ‘PIN code’ type, in other words an ordered series of 4 digits. Each time that he/she inputs a digit, a series of symbols is obtained from the memory of the device, and this series is concatenated to the password in the process of being generated. The password is finalized after inputting the fourth digit. Optionally, the code and/or the password may be displayed for verification on a screen of the terminal, if it has one, and the input is validated by validation keys of the device, triggering a transmission to the terminal B according to the USB serial protocol. In such a context, the device may not have an internal power supply. This is because, conventionally, the USB interface transports power to the microcontroller of the device C. The microcontroller being correctly powered, the communication becomes possible between the device C and the terminal B. Advantageously, such a very simple device offers the additional advantage of being very resistant to attacks and hacking.

According to another example, not shown, the device C is a smartphone hosting an application for generating passwords. On the screen of the smartphone, the user may input data, for example numerical data, which is transformed into a password by a software module (for example an applet) or hardware module (for example a USB flash drive) before being transmitted to the terminal B. For example, the user inputs into the smartphone, by means of an emulated keyboard, a code of the “PIN code” type. Optionally, the code and/or the password may be displayed for verification on the screen of the terminal or of the smartphone, and the input is validated by validation keys of the smartphone, triggering a transmission to the terminal B according to a radio protocol (for example Bluetooth).

Of course, in both cases, many variants may be envisioned without straying from the context of the invention:

-   other communications interfaces and protocols, wired or wireless, available to those skilled in the art could replace the USB or Bluetooth protocols mentioned for the communication with the terminal: for example a serial interface of the RS232 type, or another type of serial interface, or else a parallel interface, or else a radio interface of the Wi-Fi type or light interface of the Li-Fi type, etc. Nevertheless, since another type of connection is not necessarily able to supply the microcontroller of the device with the power that it needs, it will additionally be necessary to provide a power supply means, for example a current generator, within the device.
-   other human-machine interfaces may be used: vocal interface (the user pronounces a series of numbers or letters), movement detection interface (the user draws on the screen a pattern corresponding to a series of symbols of the first datum), etc.

FIG. 2 illustrates an architecture of the device C according to one embodiment.

According to this embodiment, the device C has the conventional architecture of a keyboard, and notably comprises a memory MEM, a processing unit UT, equipped for example with a processor PROC and controlled by the computer program PGR stored in memory MEM. Upon initialization, the code instructions of the computer program PGR are for example loaded into a memory before being executed by the processor PROC. The processor PROC of the processing unit UT notably implements the steps of the method for generating a password according to any one of the particular embodiments described in relation with FIGS. 1 and 3, according to the instructions of the computer program PGR: initialization of the device, notably with the aim of it being recognized as a keyboard of the USB type according to one embodiment of the invention, generation of the passwords based on a simple code, verification of the code or of the passwords, verification of the user, etc.

According to other embodiments or their variants, and without straying from the scope of the invention, the device furthermore comprises:

-   an input-output module (COM) for the communications with the terminal B (serial USB link, or NFC module, or Wi-Fi, etc.);
-   a power supply module (this may be a power supply on the device, or power received via a link of the USB type for example);
-   a data base (BD) notably storing the sequences of symbols (of the second datum) associated with the entries of the user (entry of the symbols of the first datum); for example, a preferably random sequence of alphanumeric symbols is associated with each digit from 1 to 9; according to the embodiments described, the database is located in the memory MEM of the device or of an associated device;
-   a conversion module CONV for converting the entries of the user (first datum) into a password (third datum) to be transmitted to the terminal, resulting from the concatenation of the second data;
-   a module IHM for the communication with the user (for example a module for controlling the keyboard, designed to capture the entries of the user on the keys of the keyboard, or a microphone designed to capture audio data, etc.);
-   optionally, a module SEC for protecting the access to the device (recognition of fingerprint, face, voice, etc. of the user);
-   optionally, a module GENE (not shown) for generating keys (K1) which may associate, during the initialization of the device, at least one longer and preferably random chain of symbols with a symbol. This module may be used at the first use of the device (initialization) or during a re-initialization of the device (reset resulting in a loss of the existing passwords). Optionally, this module may associate different chains with the same symbol according to the order, the recurrence, etc. of the symbols. It may for example use a random number generator (of the GUID or UUID type, etc.);
-   optionally, a module IMP (not shown) for import/export of the data to a new device, in the case where the user changes device and wishes to recover the recorded associations.

According to another embodiment, not shown, the device is partially included in a terminal of the smartphone type, which already possesses a keyboard and can support the conversion algorithm. In this case, the device may be a simple flash drive to be connected to the smartphone, comprising the module BD for associating chains of symbols with a character/symbol.

According to another embodiment, not shown, the device is entirely included in a terminal of the smartphone type equipped with a specific program (preferably secured, such as for example an applet running in the SIM card associated with the smartphone) designed to manage all the aforementioned modules, notably the keyboard (IHM) via an emulation on the screen of the smartphone, the conversion algorithm (CONV) and the conversion tables (BD) in memory, and the communication (COM) with the terminal, for example using the Bluetooth module of the smartphone. Advantageously, in this case, the smartphone is equipped with the hardware and software means which allow it to be recognized as a keyboard (a keyboard emulation module).

FIG. 3 illustrates steps of the method for generating the password according to one embodiment of the invention.

During a step E0, the user carries out a certain number of initializations on his/her device: he/she optionally unlocks the device (via a fingerprint, a code, etc.), then configures the human-machine interface, according to this embodiment the keys of the keyboard; according to one example, he/she may input themselves the combinations associated with the keys either directly on the keyboard of the device (for example the key 1 will be associated with the chain 273293857) or on an interface of the user terminal which is connected to the device, which allows a more extensive dictionary of symbols to be made available (for example the key 1 will be associated with the chain 32414c279f52, etc.). According to another example, the generation module GENE uses a random data or random number generator to be associated with each of the keys (for example 1↔b7b2a385c; 2↔e79av; 3↔9099; 4↔32414c279f52, etc.). In any case, the associations between the keys (generators of the first data) and the sequences (or second data) are stored in memory by the device. Preferably, during this step, the device is connected to a terminal which offers it a configuration interface.

During a later step E1, when the user wishes to access a service (local or remote) protected by a password, he/she connects their device to the access terminal B, for example via a USB link. During the connection, a dialogue is established between the terminal and the device, according to a conventional USB recognition procedure, at the outcome of which the device is recognized as a USB keyboard. Such a dialogue, during which the device describes itself as an HID (Human Interface Device) of the keyboard type, is well known by those skilled in the art. The user optionally unlocks the device, the access to the keys being protected by reading a fingerprint in order to ensure that anyone finding the device cannot see the codes generated by the flash drive (which would tend to decrease the protection), or password.

According to one variant, the connection of the device to the terminal causes a virtual keyboard to appear on the screen of the terminal, which allows the number of possibilities to be increased and access to an alphanumeric code (first datum) to be obtained (for example a simplified code linked with the user or the service required, such as for example ‘garry’ or “BOX”).

According to another variant, the keys of the device may be replaced by another mechanism for interfacing with the user, for example a microphone coupled to a module for voice recognition and/or identification of the speaker.

During a step E10, the terminal B requests a password, for example that required for the access to the remote site S shown in FIG. 1.

During a step E2, the user enters at least one symbol of the code for connection to the service, in other words a first datum (9, or B, etc.) or the entirety of the expected first data (9-4-7-1 or B.O.X or Y.A.H.O.O, etc.). This code is denoted K0.

During a step E3, a second datum is generated by the device for the symbol or symbols that have just been entered, using the storage in memory that has been carried out at the step E0. This second datum may correspond to all or part of the password (denoted K2) depending on whether the connection code has been entered entirely or otherwise. Indeed:

-   according to a first embodiment, the second datum, K1, is generated each time that the user enters a symbol (by pressing a key) and the second datum is concatenated in a buffer for composition of the password; in this case, the steps E2 and E3 are carried out as many times as is necessary in order to obtain the code composed of the first data (K0) and hence for the generation of the complete password. This is illustrated by the rising dashed arrow in the figure;
-   according to one variant, the second datum is generated each time that the user enters a symbol (key) and the second datum is transmitted with the flow to the terminal; in this case, it is not necessary to use an intermediate concatenation buffer and the steps E2 to E4 are carried out as many times as is necessary to obtain the complete code (and hence the password). This is illustrated by the rising dashed arrow in the figure;
-   according to another variant, the second datum is generated only when the user has input his entire code, or set of first data. In this case, the complete password is generated in one go at the step E3; it is not necessary to use an intermediate concatenation buffer.
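The initialization at step E0, the first-datum and password verifications described earlier, and the step E3 variants above, as an added simulation that is not the patent's own code; function names are assumptions, and only the chains for keys 1 to 4 come from the example given at step E0.

```python
"""Added simulation of the password generating device in this patent: a short
code K0 (first datum) becomes a long password K2 (third datum) by looking up a
stored chain K1 (second datum) per symbol.  Names are assumptions; chains for
keys 1 to 4 are the sample values quoted at step E0, the rest is constructed."""
import math
import secrets
import string
from collections import Counter

# Constructed association table (module BD), as recorded at step E0.
EXAMPLE_TABLE = {
    "1": "b7b2a385c",
    "2": "e79av",
    "3": "9099",
    "4": "32414c279f52",
}

# Codes excluded by the first-datum verification, as in the description.
FORBIDDEN_CODES = {"0000", "1234"}


def initialize_table(keys="0123456789", chain_length=10):
    """Step E0 with the GENE module: record a random alphanumeric chain
    (second datum) for every key of the device (first datum)."""
    alphabet = string.ascii_letters + string.digits
    return {k: "".join(secrets.choice(alphabet) for _ in range(chain_length))
            for k in keys}


def verify_first_datum(code, table, expected_length=4):
    """Verification preceding transmission (claim 2): the code must have the
    expected number of symbols, be known to the device and not be trivial."""
    if len(code) != expected_length:
        return False, "wrong length"
    if any(symbol not in table for symbol in code):
        return False, "unknown symbol"
    if code in FORBIDDEN_CODES or len(set(code)) == 1:
        return False, "forbidden code"
    return True, "ok"


def generate_password(code, table):
    """Step E3, last variant: the whole code is known, so the password is
    the concatenation of the stored chains produced in one go."""
    return "".join(table[symbol] for symbol in code)


def apparent_entropy_bits(password):
    """Shannon entropy per character of the password times its length: the
    figure a checker that only sees K2 would report."""
    n = len(password)
    if n == 0:
        return 0.0
    counts = Counter(password)
    per_char = -sum(c / n * math.log2(c / n) for c in counts.values())
    return per_char * n


def effective_entropy_bits(code_length, key_count=10):
    """What K2 is worth to someone who has obtained the association table:
    only the short code K0 stays secret, hence log2(key_count ** code_length).
    This is why the description keeps the table behind an unlocking step."""
    return code_length * math.log2(key_count)


def compose_on_the_fly(code, table, entropy_threshold_bits):
    """Step E3, first embodiment: one chain per key press goes into a buffer.
    Yields the new part, the buffer so far and whether the user may stop."""
    buffer = ""
    for symbol in code:
        part = table[symbol]
        buffer += part
        yield part, buffer, apparent_entropy_bits(buffer) >= entropy_threshold_bits


def verify_password(password, min_length=12):
    """Verification of the generated password (claim 3): length and classes."""
    checks = {
        "length": len(password) >= min_length,
        "lower": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
    }
    return all(checks.values()), checks


if __name__ == "__main__":
    code = "4312"
    print("first datum:", verify_first_datum(code, EXAMPLE_TABLE))
    for part, so_far, enough in compose_on_the_fly(code, EXAMPLE_TABLE, 60):
        print(f"+{part:<13} -> {so_far}{' (sufficient)' if enough else ''}")
    pw = generate_password(code, EXAMPLE_TABLE)
    print("password:", pw, verify_password(pw))
    print(f"apparent {apparent_entropy_bits(pw):.1f} bits vs effective "
          f"{effective_entropy_bits(len(code)):.1f} bits")
```

The two entropy figures make the point that K2 is only as strong as the secrecy of K0 and of the association table together, which is what the unlocking step and the on-device storage of BD protect.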

During a step E4, the password is transmitted to the terminal. It will be noted that, depending on the option previously chosen, it may be transmitted with the flow as the second data is generated, or at the end when the password is completely formed.

During a step E11, the terminal receives the password K2 and verifies it. If the password is not valid, the method may return to the step E10/E2. Otherwise, the user accesses the service at the step E12. The device may be disconnected from the terminal.

It goes without saying that the embodiment which has been described hereinabove has been presented purely by way of non-limiting example, and that numerous modifications may easily be made by those skilled in the art without however straying from the scope of the invention.

1. A method for generating a password for accessing a service, said method being performed on a password generating device connected to a terminal of a user and comprising: obtaining a first datum representative of at least one symbol; as a function of the first datum obtained, obtaining at least one second datum comprising at least two symbols for one symbol of the first datum; generating a third datum, called the password, from said at least one second datum; and transmitting said password to the terminal.

2. The method as claimed in claim 1, further comprising, prior to the transmitting, verifying the first datum obtained.

3. The method as claimed in claim 1, further comprising, prior to the transmitting, verifying the password generated.

4. The method as claimed in claim 1, further comprising performing an unlocking step prior to obtaining a first symbol of the first datum.

5. The method as claimed in claim 1, furthermore comprising initializing the device, comprising recording a series of at least two symbols of the second datum in association with at least one symbol of the first datum.

6. A device for generating a password, comprising: a transmitter, a memory; and a processor which is configured to: obtain a first datum representative of at least one symbol; as a function of the datum obtained, obtain a second datum comprising at least two symbols for one symbol of the first datum; generate a third datum, called the password, from said at least one second datum; and transmit said password via the transmission module.

7. The device for generating a password as claimed in claim 6, furthermore comprising a human-machine interface for obtaining said at least one first datum.

8. The device for generating a password as claimed in claim 7, in which the human-machine interface is a keyboard.

9. The device for generating a password as claimed in claim 6, in which the transmitter comprises a serial interface.

10. The device for generating a password as claimed in claim 6, in which the transmitter comprises a radio interface.

11. (canceled)

12. A non-transitory computer readable medium comprising code instructions stored thereon which, when the program is executed by a processor of a password generating device, carries out a method for generating a password for accessing a service, said method comprising: obtaining a first datum representative of at least one symbol; as a function of the first datum obtained, obtaining at least one second datum comprising at least two symbols for one symbol of the first datum; generating a third datum, called the password, from said at least one second datum; and transmitting said password to a terminal of a user.